Cisco Security Cloud Integration

Introduction

Cisco Secure Firewall Management Center (FMC) now integrates with Cisco Security Cloud. This integration enhances your experience by enabling a variety of Cisco cloud security services, including:

  • Cisco AI Assistant for Security
  • Policy Analyzer & Optimizer
  • Low-Touch Provisioning to easily onboard branch devices
  • Integration with Cisco XDR and Talos Eventing services
  • Cloud-based logging and eventing with Cisco Security Analytics and Logging (SaaS)

🚧

SecureX End-of-Life Notice

Cisco SecureX is End-of-Life and is no longer supported. For an FMC which is integrated with SecureX, upon upgrade to FMC 7.6, the Cisco Security Cloud interface will show as unregistered. However, all existing cloud-integrated features will continue uninterrupted.

In order to make any configuration changes after upgrade, or to enable any of the new features (such as AI Assistant for Firewall), it is highly recommended to register directly with Cisco Security Cloud.

Prerequisites

Integrating with the Cisco Security Cloud requires a Cisco Security Cloud Sign On account. If you do not already have an account you can create one here: https://sign-on.security.cisco.com

Cisco Secure Firewall Management Center must have outbound internet connectivity on port 443/TCP (HTTPS). For environments where outbound access is restricted, the following table shows the minimum requirements for connectivity to Cisco Security Cloud.

Cisco Security Cloud RegionResources
Americas (us-east-1)www.defenseorchestrator.com
admin.sse.itd.cisco.com
securex.us.security.cisco.com
api-services.us.sse.itd.cisco.com
api-sse.cisco.com
registration.us.sse.itd.cisco.com
Europe (eu-central-1)defenseorchestrator.eu
admin.eu.sse.itd.cisco.com
securex.eu.security.cisco.com
api-services.eu.sse.itd.cisco.com
api.eu.sse.itd.cisco.com
registration.eu.sse.itd.cisco.com
APJ (ap-northeast-1)www.apj.cdo.cisco.com
admin.apj.sse.itd.cisco.com
securex.apjc.security.cisco.com
api-services.apj.sse.itd.cisco.com
api.apj.sse.itd.cisco.com
registration.apj.sse.itd.cisco.com
Australia (ap-southeast-2)www.aus.cdo.cisco.com
api-services.au.sse.itd.cisco.com
api.au.sse.itd.cisco.com
registration.au.sse.itd.cisco.com
India (ap-south-1)www.in.cdo.cisco.com
api-services.in.sse.itd.cisco.com
api.in.sse.itd.cisco.com
registration.in.sse.itd.cisco.com

Configuration Process

  1. In Firewall Management Center, navigate to Integration > Cisco Security Cloud.

    FMC menu navigation to Cisco Security Cloud page
  2. From the drop-down list select your desired region in Current Cloud Region. Then click Enable Cisco Security Cloud.

  3. A pop-up window will appear with the title Welcome to the Cisco Security Cloud. (If the pop-up does not automatically appear, it is possible it was blocked by your web browser, and will need to be manually displayed.) On this screen, click Continue to Cisco SSO.

  4. Sign-in with your Cisco Security Cloud email address and password. (If you do not have an existing account, please click Sign up now on the screen to create one.)

  5. A new screen will appear asking to Grant Application Access to your FMC. Please confirm the code displayed on this screen matches the code on your FMC. After confirming, click Authorize FMC.

    Cisco Security Cloud ViewFMC View
  6. Cisco Security Cloud will confirm that your FMC has been authorized. This browser window can now be closed.

  7. Back on the FMC, Cisco Security Cloud will now show that it is Enabled. Click Save for the configuration to take effect.

  8. A screen will appear while Cisco Security Cloud is being configured. Configuration can take 1-3 minutes to complete.

Enabling Features

Once integration with Cisco Security Cloud is complete, the Settings section will display the various integration options which can be enabled, including:

  • Event Configuration: Send Security-Related events (or all events, with an active Security Analytics and Logging subscription) to the cloud.
  • Cisco AI Assistant: AI Assistant explains firewall configurations, assists with rule creation, and generates custom guides for completing common administrative tasks.
  • Policy Analyzer and Optimizer: Assists with review of firewall configurations to optimize the security and performance of firewalls.
  • Cisco Security Cloud Support: Enable the sharing of usage metrics to assist Cisco in improving the quality and features of the product, and allow Cisco Support to easily collect device telemetry to assist in troubleshooting during support calls.
  • Cisco XDR Automation: Allow Cisco XDR to automate response actions on Firewall Management Center (requires a Cisco XDR account).

Title of the document The current suggested release is 7.4.2 Check out our new 7.6 Release Overview video.